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Response to Amendment 



1. This action is responsive to communication received on Oct. 7, 2003. Claims 1- 
58 are pending examination. 



2. Claim 45 is objected to because of the following informalities: The fifth line of the 
claim states "being providing". Appropriate correction is required. 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102(e) 
that form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



3. Claim 1-58 are rejected under 35 U.S.C. 102(e) as being anticipated by Frailong 
et al M U.S. Patent No. 6,496,858 (referred to hereafter as Frailong). 

Frailong teaches the invention as claimed including a method of reconfiguring a 
network interface device and connecting the device to an external network. 

As to claim 1, Frailong teaches a machine readable-medium having stored 
thereon sequences of instructions which when executed by a processor cause the 
processor to perform the acts of: 



interface, wherein the network driver interface provides for communication between one 



Specification 



Claim Rejections - 35 USC § 102 



disabling access to at least a first section of code in a network driver 
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or more media access control units and one or more protocol drivers in a computer 
system according to a set of bindings (see col. 8 lines 23-40, where the data store 
contains a database representing a set of bindings); 

patching the first section of code to cause the insertion of rerouting driver 
into the one or more communication paths provided by the set of bindings (see col. 8 
lines 23-40); and 

re-enabling access to the patched first section of code (see col. 8 lines 23- 

40). 

As to claim 2, Frailong teaches the machine readable-medium of claim 1 wherein 
the patching is static patching (see col. 18 lines 6-30, the configuration file or patch is 
downloaded and is applied only if the reconfiguration is complete and succeeds). 

As to claim 3, Frailong teaches the machine readable-medium of claim 2 wherein 
the static patching includes inserting a template jump from the network driver interface 
to a template in the rerouting driver (see col. 15 lines 22-26 and col. 16 lines 3-10, 
where the gateway interface device is the network driver interface and the specified 
FTP site contains the rerouting driver). 

As to claim 4, Frailong teaches the machine readable-medium of claim 3 wherein 
the template jumps are inserted in the network driver interface so that a CALL 
instruction to the protocol driver is replaced with a JUMP to the template in the rerouting 
driver, the template containing the CALL instruction (see col. 15 lines 22-26 and col. 16 
lines 3-10). 
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As to claim 5, Frailong teaches the machine readable-medium of claim 2 wherein 
the patching the first section of code creates at least one new binding between the 
network driver interface and the rerouting driver (see col. 4 lines 49-65 and col. 5 lines 
49-65). 

As to claim 6, Frailong teaches the machine readable-medium of claim 5 wherein 
the at least one new binding provides for communication between one or more media 
access control units and a capturing unit in the rerouting driver (see col. 4 lines 49-65 
and col. 5 lines 41-47, where the gateway interface device is the capturing unit). 

As to claim 7, Frailong teaches the machine readable-medium of claim 6 wherein 
the capturing unit is used to intercept communications over the at least one new binding 
(see col. 4 lines 49-65 and col. 5 lines 41-47). 

As to claim 8, Frailong teaches the machine readable-medium of claim 1 wherein 
the patching is dynamic patching (see col. 8 lines 40-45). 

As to claim 9, Frailong teaches the machine readable-medium of claim 8 wherein 
the dynamic patching includes establishing a new binding between at least one media 
access control unit and dynamic patching code in the rerouting driver and inserting a 
template jump in the network driver interface to a template in the rerouting driver (see 
col. 15 lines 22-26 and col. 16 lines 3-10). 

As to claim 10, Frailong teaches the machine readable-medium of claim 9 
wherein the template jumps are inserted in the network driver interface so that a CALL 
instruction to the protocol driver is replaced with a JUMP to the template in the rerouting 
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driver, the template containing the CALL instruction (see col. 15 lines 22-26 and col. 16 
lines 3-10). 

As to claim 1 1 , Frailong teaches a computer implemented method comprising: 
transmitting from a remote host to a first target computer on a network an 

installation application and a rerouting driver (see col. 18 lines 5-30); 

transmitting from the remote host to the first target computer a command 

to cause the first target computer to execute the installation application (see col. 18 

lines 5-30); 

the first target computer, responsive to receipt of the command, executing 
the installation application, wherein the first target computer includes a network driver 
interface that provides for communication between one or more media access control 
units and one or more protocol drivers according to a set of bindings (see col. 18 lines 
5-30 and col. 8 lines 23-40, where the data store contains a database representing a set 
of bindings); and 

the first target computer responsive to executing the installation 
application causing the modification of the network driver interface to insert the rerouting 
driver into the one or more communication paths provided by the set of bindings without 
restarting the first target computer (see col. 15 lines 22-26 and col. 16 lines 3-10). 
As to claim 18, Frailong teaches a computer system comprising: 

a protocol driver (see col. 12 lines 40-47); 

a media access control unit (see col. 15 lines 22-26 and col. 16 lines 3-10, 
where the gateway interface device is the media control unit); 
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a network driver interface to store a first binding defining a communication 
path between the protocol driver and the media access control unit, the network driver 
interface coupled to communicate packets with the media access control unit, the 
network driver interface patched to communicate the packets with a rerouting driver 
(see col. 15 lines 22-26 and col. 16 lines 3-10); and 

the rerouting driver being coupled to communicate the packets with the 
protocol driver (see col. 15 lines 22-26 and col. 16 lines 3-10). 

As to claim 21, Frailong teaches the computer system of claim 18 wherein the 
rerouting driver further comprising a capture unit to store in a buffer one or more of the 
packets for evaluation (see col. 18 lines 6-30 where the gateway interface verifies if the 
reconfiguration is applicable or not). 

As to claim 22, Frailong teaches the computer system of claim 18 wherein the 
network interface to also store a second binding defining a communication path 
between the rerouting driver and the media access control unit and the capture unit to 
store in the buffer the packets destined for the rerouting driver (see col. 12 lines 50-col. 
13 lines 15). 

As to claim 23, Frailong teaches a rerouting driver for remotely installing network 
drivers and software without restarting the computer system following installation, the 
computer system having an operating system in which a network driver interface 
provides communication of information between at least one media access control unit 
and at least one protocol driver on the computer system, the rerouting driver 
comprising: 
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control code, for controlling the rerouting driver (see col. 12 lines 40-47); 

binding code, for establishing at least one binding at the network driver 
interface so that the rerouting driver is bound to at least one media access control unit 
(see col. 12 lines 50-col. 13 lines 15); 

patching code, for inserting template jumps into at least a first section of 
code in the network driver interface, the template jumps providing jumps to templates in 
the rerouting driver so that information from at least one media access control unit 
destined for at. least one protocol driver is rerouted to the rerouting driver (see col. 15 
lines 22-26 and col. 16 lines 3-10, where the gateway interface device is the network 
driver interface and the specified FTP site contains the rerouting driver); 

at least one template, for receiving information from at least one template 
jump in the network driver interface (see col. 15 lines 22-26 and col. 16 lines 3-10); 

inserted code, for evaluating rerouted information received by the template 
jumps (see col. 18 lines 6-30 where the gateway interface verifies if the reconfiguration 
is applicable or not). 

As to claim 24, Frailong teaches the rerouting driver of claim 23 wherein the 
control code identifies a starting memory address of the network driver interface 
instruction code and disables access to the first section of code and further wherein the 
patching code following the disabling access operates to overwrite the first section of 
code and additional pre-determined memory addresses so the all the pre-determined 
memory addresses are patched (see col. 8 lines 23-40, where the data store contains a 
database representing a set of bindings). 
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As to claim 25, Frailong teaches the rerouting driver of claim 23 wherein the 
patching code responsive to receipt of information being sent from the network driver 
interface determines the instruction code address that sent the information and 
overwrites the first section of code at that address so that memory addresses are 
incrementally patched as information is received from the network driver interface (see 
col. 8 lines 23-40). 

As to claim 26, Frailong teaches a method for disabling and re-enabling access 
to code in a multiprocessor system having a shared memory and a network driver 
interface comprising: 

selecting a first section of code in a first central processing unit that is to 
be modified (see col. 5 lines 25-40 and col. 6 lines 1-5, the processor being any of the 
gateway interface device); 

writing the first section of code into the cache memory of the first central 
processing unit (see col. 5 lines 25-40); 

overwriting a portion of the first section of code in cache memory with 
blocking code to create a first version of code (see col. 5 lines 25-40); 

writing the first version of code into shared memory (see col. 5 lines 25-40, 
shared memory being any of the gateway interface device); 

modifying the first version of code in the cache memory to create a second 
version of code, wherein a portion of the code following the blocking code is overwritten 
with template jumps to effect a static patch of the network driver interface (see col. 5 
lines 25-40); 
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writing the second version of code into shared memory (see col. 5 lines 

25-40); 

modifying the second version of code in the cache memory with code to 
create a third version of code, wherein the blocking code is overwritten to remove the 
blocking code (see col. 8 lines 55-67, the access can be set by setting the configuration 
for the code to be published or not); and 

writing the third version of code into shared memory (see col. 8 lines 40- 

67). 

As to claim 27, Frailong teaches the method of claim 26 wherein the first section 
of code is located in the network driver interface (see col. 5 lines 25-40 and col. 6 lines 
1-5). 

As to claim 28, Frailong teaches a machine readable medium having stored 
therein instructions which when executed cause a set of one or more processors to 
perform the following: 

disabling access to a first section of code, the first section of code to be 
executed when to provide a communication path between a media access control unit 
and an application the first section of code including a generic call (see col. 8 lines 23- 
40); and 

overwriting the first section of code with a second section of code whose 
execution causes execution flow to be rerouted to a third section of code in a rerouting 
driver, the second section of code being larger than the first section of code, the third 
section of code when executed completing the communication path and returning 
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execution flow, the third section of code including additional code not present in the first 
section of code that is now inserted into the communication path (see col. 15 lines 22- 
26 and col. 16 lines 3-10). 

As to claim 29, Frailong teaches the machine-readable medium of claim 28 
wherein the second section of code contains a template jump to a template in the third 
section code (see col. 15 lines 22-26 and col. 16 lines 3-10). 

As to claim 30, Frailong teaches a distributed packet based security system 
installed and enabled without shutdown or restart across a plurality of computers in a 
network that enables each of said plurality of computers to evaluate packets received 
over the network according to a predetermined standard and selectively allow 
transmission of such packets from the network to a protocol driver (see col. 8 lines 23- 
40). 

As to claim 31, Frailong teaches the system of claim 30 wherein the install is 
performed using a patching technique (see col. 8 lines 40-45). 

As to claim 32, Frailong teaches the system of claim 30 wherein each of the 
plurality of computers form a shared memory buffer between a user space that stores 
first code of the distributed packet based security system and a system address space 
that stores the protocol driver and second code of the distributed packet based security 
system, wherein said second code is coupled to said shared memory to store 
information regarding packets received over the network and wherein said first code is 
coupled to the shared memory buffer to evaluate information stored in the shared 
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memory buffer (see col. 18 lines 6-30 where each gateway interface verifies if the 
reconfiguration is applicable or not). 

As to claim 33, Frailong teaches the system of claim 30 wherein the install is 
performed remotely from a host computer on said network (see col. 18 lines 5-30). 

As to claim 34, Frailong teaches a computer system comprising: 
a plurality of networked computers each including: 
a media access control unit coupled to the physical transmission medium 
of the network to extract packets from data provided across said medium (see col. 15 
lines 22-26 and col. 16 lines 3-10, where the gateway interface device is the media 
control unit); 

a protocol driver coupled to the media access control unit (see col. 12 
lines 40-47); and 

filter code installed in between the media access control unit and the 
protocol driver and enabled without shutdown or restart to evaluate said packets and 
selectively allow continued transmission of different ones of said packets to the protocol 
driver (see col. 18 lines 6-30 where the gateway interface verifies if the reconfiguration 
is applicable or not). 

As to claims 38 and 42, Frailong teaches a computer implemented method and a 
machine readable medium comprising: 

distributing from a remote host across a network to a plurality of 
computers code to be installed by each of said plurality of computers, each of said 
plurality of computers including routines to be executed to provide a communication 
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path between a media access control unit coupled to the network and a protocol driver 
said communication path for packets transmitted across said network (see col. 12 lines 
40-47); 

transmitting from the remote host to each of the plurality of computers a 
command to cause each of the plurality of computers to execute said code; and 

each of the plurality of computers responsive to said command performing 
(see col. 18 lines 5-30), 

installing a driver in the communication path between the media access 
control unit and the protocol driver, said installed driver being enabled without restart of 
said computer to evaluate selectively allowing continued transmission of different ones 
of said packets received over said network along the communication path (see col. 18 
lines 5-30). 

As to claim 45, Frailong teaches a computer implemented method comprising: 
installing into each of a plurality of computers on a network code that is 
part of a distributed packet security system, said code being installed such that the 
packets transmitted across sad network to a given one of said plurality of computers is 
received by said code before being provided to a protocol driver (see col. 18 lines 5-30); 

at least the first of said plurality of computers without being shutdown or 
restarted (see col. 8 lines 23-40); 

receiving a packet from said network (see col. 18 lines 5-30); and 
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said code executing on said first computer selectively forwarding said 
packet onto the protocol driver depending upon parameters of the distributed packet 
base security system (see col. 18 lines 5-30). 

As to claim 48, Frailong teaches a machine-readable medium comprising: 

installing and enabling said code (see col. 8 lines 23-40); 

wherein said code selectively forwards said packet onto the protocol driver 
depending upon parameters of the distributed packet base security system (see col. 8 
lines 23-40). 

As to claim 51, Frailong teaches a computer implemented method comprising: 

installing into each of a plurality of computers on a network first and 
second code that is part of a distributed packet security system (see col. 8 lines 23-40); 

at least the first of said plurality of computers without being shutdown or 
restarted (see col. 8 lines 23-40); 

receiving a packet from said network (see col. 18 lines 5-30); 

said second code storing at least certain information from said packet into 
a shared memory buffer (see col. 16 lines 3-20, the FTP site is the shared memory); 
and 

said first code accessing information from said shared memory buffer (see 
col. 18 lines 5-30). 

As to claim 55, Frailong teaches said machine-readable medium comprising: 
installing and enabling without shutdown or restart into each of a plurality 
of computers on a network first and second code that is part of a distributed packet 
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security system (see col. 8 lines 23-40 and col. 16 lines 3-20, where the FTP site is the 
system address space and the gateway interface device is the user address space); 

wherein said second code when executed stores at least certain 
information from said packet into a shared memory buffer between the user address 
space and the system address space (see col. 16 lines 20-27, where the client's 
storage area where the configuration files are stored is the shared memory buffer); and 

wherein said first code when executed by said first computer accesses 
said information from said shared memory buffer (see col. 16 lines 3-20, configuration is 
applied). 

4. Claims 1 2-1 7, 1 9, 20, 35-37, 39-41 , 43, 44, 46, 47, 49, 50, 52-54 and 56-58 do 
not teach or define any new limitations above claims 1-1 1 and 30-33 and therefore are 
rejected for similar reasons. 

5. Applicant's arguments filed have been fully considered but they are not 
persuasive. 

In the remarks, the applicant argues in substance that; A) Frailong does not 
disabling access to at least a first section of code in a network driver interface teach B) 
Frailong does not teach patching the first section of code to cause the insertion of 
rerouting driver into the one or more communication paths provided by the set of 
bindings C) Frailong does not teach re-enabling access to the patched first section of 
code. 

In response to A) Frailong teaches a method and apparatus for initializing, 
configuring, and upgrading a network interface between a client computer network and 
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an external network. The network interface device is configured to communicate with 
other devices through a network or internet. The configuration manager can disable the 
current configuration of the interface device, reconfigure the interface device and then 
re-establish the communication with other devices through the upgraded interface 
configuration device (see col. 2 and col. 8) and therefore Frailong meets the scope of 
the claimed limitation "disabling access to at least a first section of code in a network 
driver interface teach". 

In response to B) Frailong teaches a method and apparatus for initializing, 
configuring, and upgrading a network interface between a client computer network and 
an external network. The network interface device is configured to communicate with 
other devices through a network or internet. The configuration manager can disable the 
current configuration of the interface device, reconfigure the interface device and then 
re-establish the communication with other devices through the upgraded interface 
configuration device (see col. 2 and col. 8) and therefore Frailong meets the scope of 
the claimed limitation "patching the first section of code to cause the insertion of 
rerouting driver into the one or more communication paths provided by the set of 
bindings". 

In response to C) Frailong teaches a method and apparatus for initializing, 
configuring, and upgrading a network interface between a client computer network and 
an external network. The network interface device is configured to communicate with 
other devices through a network or internet. The configuration manager can disable the 
current configuration of the interface device, reconfigure the interface device and then 
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re-establish the communication with other devices through the upgraded interface 
configuration device (see col. 2 and col. 8) and therefore Frailong meets the scope of 
the claimed limitation "re-enabling access to the patched first section of code". 

6. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Hussein A El-chanti whose telephone number is 
(703)305-4652. The examiner can normally be reached on Mon-Fri 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on (703)308-7562. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Hussein El-chanti 
May 21, 2004 
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